Bank Scams Exposed: Fake Calls, Accidental Transfers, and QR Fraud

Your phone rings. The caller ID shows Chase Bank. A polite representative explains that suspicious activity has been detected on your account and they need to verify your identity immediately — or your account will be frozen. Your heart rate spikes. You almost give them your verification code. But this is not Chase. This is a scammer with a spoofed phone number, and that code would hand them your account.

Bank scams cost Americans billions of dollars every year. The tactics have evolved far beyond the obvious Nigerian prince emails. Today's scammers use caller ID spoofing, real-time social engineering, fake banking apps, and even QR code hijacking to drain accounts.

Types of Bank Scams You Need to Know

1. Fake Customer Service Calls

Scammers spoof the phone numbers of Chase, Bank of America, Citibank, and other major banks. They claim your account has been compromised and urgently request your login credentials, one-time passcodes, or Social Security number. Some even transfer you between fake "departments" to seem legitimate.

2. The "Accidental Transfer" Extortion

This is one of the most deceptive schemes. A scammer sends real money to your account — sometimes through Zelle or a wire transfer — then contacts you claiming it was a mistake. They pressure you to send the money to a different account. The catch:

• The original funds may be from a stolen account
• The "return" account belongs to the scammer
• You may become an unwitting money mule in a fraud ring

3. QR Code Payment Fraud

Criminals place fake QR codes over legitimate ones at parking meters, restaurants, and shops. When you scan the code, your payment goes to the scammer instead of the business. Others send fraudulent QR codes via iMessage or email disguised as invoices or payment requests.

4. Fake Banking Apps

Phishing messages via text or email direct you to download a "security update" or "new banking app." The app looks identical to your real bank's interface but captures every credential you enter.

Red Flags to Watch For

Red Flag	Why It Matters
Caller asks for OTP or password	Banks never ask for these over the phone
Extreme urgency ("act now or lose access")	Pressure tactics prevent you from thinking clearly
Request to download app from a link	Legitimate apps come only from official app stores
Call from an unfamiliar number claiming to be your bank	Banks use published customer service numbers
Shortened URLs in text messages	Banks do not send bit.ly or similar links via SMS
Request to return "accidental" money to a different account	Legitimate refunds are processed through the bank

What to Do If You Are Targeted

1. Do not share any information. Never provide passwords, OTPs, PINs, or Social Security numbers over the phone, text, or email.

2. Hang up and call the real number. Look up your bank's customer service number on the back of your card or the official website. Do not call any number the suspicious caller provides.

3. Do not send money back. If someone claims an accidental transfer, contact your bank directly. Let the bank handle the reversal.

4. Document everything. Save phone numbers, screenshots of messages, and any transaction records.

5. Report the scam.

   • FTC: reportfraud.ftc.gov
   • CFPB: consumerfinance.gov/complaint
   • Your bank's fraud department

6. Freeze your account if you believe your credentials have been compromised.

How to Verify Official Bank Communications

• Always call back using the number on your card — never the number from an incoming call or message.
• Log into your bank's official app (downloaded from the App Store or Google Play) to check for alerts or transactions.
• Visit a branch in person if you are unsure about a communication.
• Check your bank's official website for current scam warnings.
• Remember: Banks will never ask for your full password, OTP, or PIN via phone, email, or text.

Sharing Account Information Securely with LOCK.PUB

Sometimes you legitimately need to share bank account details — for a direct deposit form, paying a contractor, or splitting expenses. Sending account and routing numbers through plain iMessage or email leaves them permanently stored in chat logs that could be compromised.

LOCK.PUB lets you create an encrypted, password-protected memo. Only someone with the password can read it. You can set it to expire automatically, so your banking details do not live on the internet forever.

Instead of texting your account number in plain text:

1. Go to lock.pub and create a secure Memo
2. Enter your banking details
3. Set a password and expiration time
4. Share the link with your recipient and send the password through a separate channel

Stay Vigilant

Bank scams thrive on urgency and trust. The golden rule: your bank will never ask for your password or OTP over the phone. Always verify through official channels, report suspicious contacts to the FTC and CFPB, and when you need to share sensitive financial information, use an encrypted tool like LOCK.PUB instead of plain text.

Share this guide with family and friends — awareness is the best defense against fraud.